iommu.c: rework initialization function #17
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
krystian-hebel
force-pushed
the
iommu_updates
branch
from
b7af1e2
to
7dc4531
Compare
krystian-hebel
force-pushed
the
iommu_updates
branch
from
7dc4531
to
b58b2d6
Compare
krystian-hebel
force-pushed
the
iommu_updates
branch
from
b58b2d6
to
4304942
Compare
|
SNAFU. Binary built locally from this code (on old Ubuntu, will check newer Fedora) works, while binary built by CI reports wrong self-measurement hash. Other hash values seem to be valid (PCR replay gives current value after fixing just the first entry), so the problem most likely lies in EDIT: shouldn't be, |
|
Local build on Fedora also doesn't give proper hash... |
|
Something changed in gcc-11, it fails to produce valid SHA1 measurements: #19 |
krystian-hebel
force-pushed
the
iommu_updates
branch
from
4304942
to
d2cb1b7
Compare
Test for INVALIDATE_ALL completion is now done inside the initialization function, instead of main.c. Function names were changed to better describe what the function does. Comment describing window in anti-DMA security was updated with new finds. Some bugs were fixed: - EventLogInt wasn't properly cleared (it is write-1-to-clear bit) - CmdBufEn was set on transition to the kernel, which didn't clear it before setting up head/tail pointers, which in turn lead to hang (it is listed as undefined behavior in IOMMU specification) - Command buffer tail/head pointer registers were incorrectly masked Signed-off-by: Krystian Hebel <[email protected]>
Release versions of SKL hanged in tis_send(), while versions with serial output worked, most likely thanks to increased delay between DRTM sequence and next TPM command. Apparently, some TPMs don't properly handle setting STS.commandReady when all of the following conditions are met: - TPM has recently finished DRTM sequence (internal work may still be happening at that point, there is no way to be sure), - TPM just transitioned to Idle state (e.g. by changing locality), - STS.commandReady is written periodically before TPM reports it is in Ready state. When all of the above applies, STS.commandReady is always read as 0, as if the TPM restarted transition from Idle to Ready each time it is asked to do so. To work around this, set this bit once and keep checking in a loop until TIMEOUT_B (2 seconds). Well behaving TPM must be able to enter Ready state before that time, if it doesn't, error is returned. Signed-off-by: Krystian Hebel <[email protected]>
krystian-hebel
force-pushed
the
iommu_updates
branch
from
d2cb1b7
to
f16a0d0
Compare
This enables SHA tests to check if different compilers produce the same results. Definitions in string.h were moved outside of __STDC_HOSTED__ to avoid compiler warnings (promoted to errors because of -Werror) due to incompatible implicit declaration of built-in functions. Signed-off-by: Krystian Hebel <[email protected]>
SergiiDmytruk
approved these changes
Apr 16, 2024
-fstrict-aliasing is enabled by default when using optimization levels higher than 1, including -Os. With that option, compiler may assume that object of one type never resides at the same address as object of a different type. Both sha1_final() and sha256_final() used to write message length by casting a pointer to buffer into a pointer to u64, while surrounding code operated on the buffer directly. The problem manifests in GCC 11 and later versions. The commit fixes this issue and another UB caused by unaligned access at the beginning of transformation step by using memcpy() in both cases. Signed-off-by: Krystian Hebel <[email protected]> Signed-off-by: Sergii Dmytruk <[email protected]>
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Test for INVALIDATE_ALL completion is now done inside the initialization function, instead of main.c. Function names were changed to better describe what the function does. Comment describing window in anti-DMA security was updated with new finds.
Two bugs were fixed: